Oracle JInitiator ActiveX control stack buffer overflows

The Oracle JInitiator ActiveX control contains multiple stack buffer overflows, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

I. Description
Oracle JInitiator allows users to run Oracle Developer Server applications within a web browser. Oracle JInitiator includes an ActiveX control called beans.ocx. The Oracle JInitiator ActiveX control is vulnerable to multiple stack buffer overflows in initialization parameters.

The article continues at http://www.kb.cert.org/vuls/id/474433